@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)", date="2022-09-19T20:26:39.783Z") @Stability(value=Stable) public interface PolicyStatementProps extends software.amazon.jsii.JsiiSerializable
Example:
// Add gateway endpoints when creating the VPC
Vpc vpc = Vpc.Builder.create(this, "MyVpc")
.gatewayEndpoints(Map.of(
"S3", GatewayVpcEndpointOptions.builder()
.service(GatewayVpcEndpointAwsService.S3)
.build()))
.build();
// Alternatively gateway endpoints can be added on the VPC
GatewayVpcEndpoint dynamoDbEndpoint = vpc.addGatewayEndpoint("DynamoDbEndpoint", GatewayVpcEndpointOptions.builder()
.service(GatewayVpcEndpointAwsService.DYNAMODB)
.build());
// This allows to customize the endpoint policy
dynamoDbEndpoint.addToPolicy(
PolicyStatement.Builder.create() // Restrict to listing and describing tables
.principals(List.of(new AnyPrincipal()))
.actions(List.of("dynamodb:DescribeTable", "dynamodb:ListTables"))
.resources(List.of("*")).build());
// Add an interface endpoint
vpc.addInterfaceEndpoint("EcrDockerEndpoint", InterfaceVpcEndpointOptions.builder()
.service(InterfaceVpcEndpointAwsService.ECR_DOCKER)
.build());
| Modifier and Type | Interface and Description |
|---|---|
static class |
PolicyStatementProps.Builder
A builder for
PolicyStatementProps |
static class |
PolicyStatementProps.Jsii$Proxy
An implementation for
PolicyStatementProps |
| Modifier and Type | Method and Description |
|---|---|
static PolicyStatementProps.Builder |
builder() |
default List<String> |
getActions()
List of actions to add to the statement.
|
default Map<String,Object> |
getConditions()
Conditions to add to the statement.
|
default Effect |
getEffect()
Whether to allow or deny the actions in this statement.
|
default List<String> |
getNotActions()
List of not actions to add to the statement.
|
default List<IPrincipal> |
getNotPrincipals()
List of not principals to add to the statement.
|
default List<String> |
getNotResources()
NotResource ARNs to add to the statement.
|
default List<IPrincipal> |
getPrincipals()
List of principals to add to the statement.
|
default List<String> |
getResources()
Resource ARNs to add to the statement.
|
default String |
getSid()
The Sid (statement ID) is an optional identifier that you provide for the policy statement.
|
@Stability(value=Stable) @Nullable default List<String> getActions()
Default: - no actions
@Stability(value=Stable) @Nullable default Map<String,Object> getConditions()
Default: - no condition
@Stability(value=Stable) @Nullable default Effect getEffect()
Default: Effect.ALLOW
@Stability(value=Stable) @Nullable default List<String> getNotActions()
Default: - no not-actions
@Stability(value=Stable) @Nullable default List<IPrincipal> getNotPrincipals()
Default: - no not principals
@Stability(value=Stable) @Nullable default List<String> getNotResources()
Default: - no not-resources
@Stability(value=Stable) @Nullable default List<IPrincipal> getPrincipals()
Default: - no principals
@Stability(value=Stable) @Nullable default List<String> getResources()
Default: - no resources
@Stability(value=Stable) @Nullable default String getSid()
You can assign a Sid value to each statement in a statement array. In services that let you specify an ID element, such as SQS and SNS, the Sid value is just a sub-ID of the policy document's ID. In IAM, the Sid value must be unique within a JSON policy.
Default: - no sid
@Stability(value=Stable) static PolicyStatementProps.Builder builder()
PolicyStatementProps.Builder of PolicyStatementPropsCopyright © 2022. All rights reserved.